74 Arrested in International Operation Targeting BEC Scams

A total of 74 individuals have been arrested as part of an international law enforcement operation targeting business email compromise (BEC) scams, U.S. authorities announced on Monday.

Forty-two people have been arrested in the United States, 29 in Nigeria, and three in Canada, Mauritius, and Poland. The operation, dubbed “Wire Wire” and conducted over a period of six months, also resulted in the seizure of nearly $2.4 million and the disruption and recovery of roughly $14 million in fraudulent wire transfers, according to the Department of Justice and the FBI.

Some of the suspects are believed to have been involved in schemes targeting businesses of all sizes, while others targeted individual victims.

The Justice Department said 23 individuals were charged in the Southern District of Florida with laundering at least $10 million obtained from BEC scams. The list of suspects also includes two Nigerian nationals living in Dallas, Texas, who tricked a real estate closing attorney into wiring $246,000 to accounts they controlled.

A separate indictment targets three individuals, two of which were extradited to the United States from the United Kingdom and Mauritius.

BEC scams, which authorities also call cyber-enabled financial fraud, often target employees with access to company finances and trick them into making wire transfers to bank accounts controlled by the criminals. The FBI has received reports of losses totaling more than $3.7 billion since the agency’s Internet Crime Complaint Center (IC3) has been keeping track of BEC scams.

“The federal law enforcement agencies that executed on this takedown deserve our gratitude” said Christy Wyatt, CEO of Dtex Systems, a security provider that helps organizations defend their most trusted insiders. “Removing 42 criminals off of our cyber streets will hopefully make things safer, serve as warning to others and provide us with details that will help us to be more secure moving forward. The operation is also a reminder that most major cybercrimes involve employee error and under-utilization of technology and education resources that can be used to defend our most trusted insiders.”

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.